On Thu, Jun 03, 2004 at 01:03:03PM +1200, William Brower wrote: > I downloaded and installed the module - things went cleanly and the > module was installed in /lib/security/pam_passwdqc.so > > 2) I tried modifying /etc/pam.d/system-auth to look like this > (I know there is a warning about file autogeneration, but frankly, the > /etc/pam.d/passwd file seems to direct all real action to this file - > should I just modify the /etc/pam.d/passwd file instead??) No, there's no need to modify other PAM config files and it is appropriate to modify /etc/pam.d/system-auth almost like you did. > OLD: > password required /lib/security/$ISA/pam_cracklib.so retry=3 type= > password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok > md5 shadow > password required /lib/security/$ISA/pam_deny.so > > NEW: > #password required /lib/security/$ISA/pam_cracklib.so retry=3 type= > password required /lib/security/$ISA/pam_passwdqc.so You said the module installed under /lib/security/pam_passwdqc.so, -- perhaps you need to remove the extra "/$ISA" from this line then? > password sufficient /lib/security/$ISA/pam_unix.so nullok use_first_pass > md5 shadow Please revert the change you did to this line. It should have worked fine with "use_authtok". -- Alexander Peslyak <solar@xxxxxxxxxxxx> GPG key ID: B35D3598 fp: 6429 0D7E F130 C13E C929 6447 73C3 A290 B35D 3598 http://www.openwall.com - bringing security into open computing environments _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
